>From: owner-openssl-us...@openssl.org On Behalf Of Lee Hambley
>Sent: Thursday, 11 April, 2013 02:33
>I've been battling the following code for a couple of hours
>armed with my Network Security With OpenSSL book to little avail.
>#include <openssl/rsa.h>
>#include <openssl/x509.h>
>#include <stdio.h>
>extern unsigned char _binary____certificates_der_start;
>extern unsigned char _binary____certificates_der_size;
I see below this is apparently a very weird object-file trick.
>int main(int argc, char argv[]) {
> RSA *public_key = NULL;
> int public_key_len = (int)&_binary____certificates_der_size;
> const unsigned char *public_key_buffer =
&_binary____certificates_der_start;
> public_key = d2i_RSAPublicKey(NULL, &public_key_buffer, public_key_len);
> if ( !public_key) {
<snip>
A certificate and a publickey are very different things.
Your tool below seems to have chosen a very inapposite name
apparently by default; it would be nice if you can change that.
>The "dir.o" is being built with: "objcopy --input binary --output
>elf32-littlearm --binary-architecture arm ../certificates/pubkey.der
der.o",
>which I believe is correct, although naturally the ".o" file is quite
large,
>the `&_binary____certificates_der_size` reports the correct size (294 in my
case).
Using a presumably-absolute "address" for a size? Yuck! The classic
way to do this was a _start address and an _end address. Oh well.
How was ../certificates/pubkey.der created and what exactly is in it?
If it was created by openssl commandline genrsa or genpkey or similar
those write "PUBKEY" format (which is actually SubjectPublicKeyInfo
from X.509) not the algorithm-specific format RSAPublicKey (or others).
If that's what you have, use d2i_PUBKEY to get an EVP_PKEY, or
d2i_RSA_PUBKEY to get an RSA (and NULL if the key isn't RSA).
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
